Skip to content

Commit

Permalink
CA-384579: Call previous NRPE plugin xapi to resolve certs permission…
Browse files Browse the repository at this point in the history
… issue
  • Loading branch information
BengangY committed Nov 1, 2023
1 parent 7a3d17f commit 58ccaa5
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 1 deletion.
1 change: 1 addition & 0 deletions XenModel/Actions/NRPE/NRPEHostConfiguration.cs
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ public class NRPEHostConfiguration : ICloneable, IEquatable<NRPEHostConfiguratio
public const string XAPI_NRPE_SET_CONFIG = "set-config";
public const string XAPI_NRPE_SET_THRESHOLD = "set-threshold";
public const string XAPI_NRPE_RESTART = "restart";
public const string XAPI_NRPE_CONTROL = "control";

public const string DEBUG_ENABLE = "1";
public const string DEBUG_DISABLE = "0";
Expand Down
24 changes: 23 additions & 1 deletion XenModel/Actions/NRPE/NRPEUpdateAction.cs
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,9 @@
* SUCH DAMAGE.
*/

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using XenAPI;


Expand Down Expand Up @@ -104,6 +104,28 @@ private void SetNRPEConfigureForHost(IXenObject o)

private void SetNRPEStatus(IXenObject host, bool enableNRPE)
{
// Workaround for CA-384579 (caused by CA-384572):
// If the certificate used by NRPE was generated in Yangtze it has no permissions.
// We prevent command (start, restart, etc) failures by calling control, which modifies certificate permissions.
// After CA-384572 is resolved we will remove this workaround code.
if (enableNRPE)
{
Dictionary<string, string> enableDict = new Dictionary<string, string>
{
{ "enable", "true" }
};
try
{
string controlResult = Host.call_plugin(host.Connection.Session, host.opaque_ref, NRPEHostConfiguration.XAPI_NRPE_PLUGIN_NAME,
NRPEHostConfiguration.XAPI_NRPE_CONTROL, enableDict);
log.InfoFormat("Run NRPE {0}, return: {1}", NRPEHostConfiguration.XAPI_NRPE_CONTROL, controlResult);
}
catch (Exception e)
{
log.ErrorFormat("Run NRPE {0} failed, error: {1}", NRPEHostConfiguration.XAPI_NRPE_CONTROL, e.Message);
}
}

string nrpeUpdateStatusMethod = enableNRPE ?
NRPEHostConfiguration.XAPI_NRPE_ENABLE : NRPEHostConfiguration.XAPI_NRPE_DISABLE;
string result = Host.call_plugin(host.Connection.Session, host.opaque_ref, NRPEHostConfiguration.XAPI_NRPE_PLUGIN_NAME,
Expand Down

0 comments on commit 58ccaa5

Please sign in to comment.